Update Feed

Simple Machines Forum 2.0.14

Upgrading to Simple Machines Forum 2.0.14

Simple Machines Forum 2.0.14 can be upgraded to (or installed) using any of Installatron's products. Use Installatron's optional Automatic Update feature to automatically apply Simple Machines Forum updates as new versions are released, or use Installatron's Clone feature to duplicate an existing Simple Machines Forum install to test the 2.0.14 upgrade prior to applying it live. Get started managing your Simple Machines Forum installations with Installatron

What's New in Simple Machines Forum 2.0.14

This patch adds both security and general maintenance fixes to your forum, so it is imperative that you install this patch quickly.

SMF 2.0.14

Updating session handlers

Adding HTTPS

fetch_web_data now uses cURL, falling back to sockets

Ported image proxy support from SMF 2.1

Also added HTTPS for avatars

Added a simple exception handler

Check session while logging in

Sanitize some fields to help guard against XSS

Validate email addresses with PHP’s filter method

Fix search highlighting to not mangle/expose some HTML

Fix password acceptance when special characters were used in UTF-8;

Correct some random logic errors in the profile area

Use ampersands instead of semi-colons for PayPal’s return link

Fix sending multiple MIME-Version headers in notification mail

Fix sending multipel Content-Type headers in all requests

SMF 2.0.13

Some file versions didn't get modified in the 2.0.12 patch

Added check and sanitization for $_REQUEST['u'] in LogInOut.php and Reminder.php

Added check and sanitization for $_REQUEST['uid'] in Reminder.php

Properly sanitize author's website for packages

Added session check when uploading packages

Added session check when copying template files from one theme to another